This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

PSoC’s New Security Blanket

Security was a hot topic at this year’s Embedded World event in Nuremberg. Part of this wave was the release of a number of new Arm Cortex-M microcontrollers

Cypress Semiconductor’s PSoC 64 Secure isn’t a 64-bit Arm Cortex platform. It’s just the next in a series of PSoC solutions numbered sequentially, the last one being PSoC 63. What the PSoC 64 contains is a 32-bit Cortex-M4 and a 32-bit Cortex-M0+ core.

The Cortex-M4 is the application processor under the control of the secure Cortex-M0+. It provides secure-boot support to the Cortex-M4 along with other security-related services including attestation based on secure keys contained in each chip. As a result, developers are able to concentrate on the application running on the Cortex-M4 (Fig. 1), while letting the Cortex-M0+ handle most of the security chores including providing a root of trust (RoT).

1. The PSoC 64 provides the secure underpinnings to allow developers to concentrate on applications instead of security details.

The PSoC family includes configurable digital and analog blocks that can be customized by the developer into advanced peripherals. Versions are available with hard peripheral blocks as well, to provide support for features like Wi-Fi and Bluetooth communication (Fig. 2). The RoT firmware runs on the Cortex-M0+. Standard firmware versions are available so that developers don’t have to contend with writing and supporting security firmware, although it’s possible for experienced security developers to create custom firmware.

2. PSoC 64 provides developers with a Cortex-M4 core for applications, while the Cortex-M0+ handles security using the root-of-trust firmware and services.

The PSoC 64 is designed to support both Arm’s Platform Security Architecture (PSA) and Cypress Semiconductor’s new ModusToolbox Suite (Fig. 3), which is built on the Eclipse-based integrated design environment (IDE). It builds on the PSoC 64 hardware and security firmware and adds IoT middleware to take advantage of the secure hardware and firmware as well as the other features of the PSoC 64.

The ModusToolbox targets the range of Cypress hardware platforms and unifies the Cypress MCU and wireless devices, including the Cypress WICED Studio wireless support. The toolbox uses an open architecture to allow additional RTOS support and middleware to be addressed. The initial RTOS is the Arm Mbed OS that has PSA software certification; Cypress will deliver the PSA Platform API support and PSA certification for the hardware. It supports Mbed’s secure Trusted Firmware-M (TF-M) implementation.

The PSoC 64 currently has PSA Level 1 certification. Modus will also support design flows for other RTOS platforms and IoT stacks, including Amazon’s FreeRTOS and Express Logic’s ThreadX.

“In a world of a trillion connected devices, trust is essential, and it’s our industry’s responsibility to enable this trust,” said Paul Williamson, vice president and general manager, Emerging Business Group at Arm. “PSA Certified enables IoT solution developers and device makers to verify their solutions have been designed with a secure foundation, in line with PSA principles. Using Arm Mbed OS and Trusted Firmware, Cypress is among the first of our partners to deliver a Level 1 PSA Certified solution with the PSoC 64 Secure family.”

The ModusToolbox suite also handles IoT stacks such as Amazon Web Services (AWS), Arm Pelion, and Alibaba. These take advantage of the RoT provided by PSoC 64 and use the hardware support for secure communication.